package com.jeect.userservice3.filter;

import com.jeect.userservice3.exception.ImageCodeException;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.http.HttpMethod;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.AuthenticationException;
import org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter;
import org.springframework.security.web.authentication.AuthenticationFailureHandler;
import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;
import org.springframework.security.web.authentication.session.SessionAuthenticationException;
import org.springframework.security.web.util.matcher.AntPathRequestMatcher;
import org.springframework.util.StringUtils;

import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import java.io.IOException;

public class ApiUsernamePasswordAuthenticationProcessingFilter extends UsernamePasswordAuthenticationFilter {

    @Autowired
    private AuthenticationFailureHandler authenticationFailureHandler;

    public ApiUsernamePasswordAuthenticationProcessingFilter() {
        AntPathRequestMatcher requestMatcher = new AntPathRequestMatcher("/user/login", "POST");
        this.setRequiresAuthenticationRequestMatcher(requestMatcher);
        this.setAuthenticationManager(getAuthenticationManager());
//        this.setAuthenticationFailureHandler(new LoginAuthenticationFailureHandler());
    }



//    public ApiUsernamePasswordAuthenticationProcessingFilter() {
//        super();
//    }

    @Override
    public Authentication attemptAuthentication(HttpServletRequest request, HttpServletResponse response) throws AuthenticationException {
        HttpSession session = request.getSession();
        System.out.println("attemptAuthentication funcation().........");
        if (session == null || StringUtils.isEmpty(session.getAttribute("code")) || StringUtils.isEmpty(request.getParameter("charcode"))) {
            //throw new SessionAuthenticationException("验证码错误!");
            try {
                authenticationFailureHandler.onAuthenticationFailure(request,response,new ImageCodeException("验证码错误!"));
            } catch (IOException e) {
                e.printStackTrace();
            } catch (ServletException e) {
                e.printStackTrace();
            }
        }
        String codes = (String) session.getAttribute("code");
        String username=request.getParameter("username");
        String password=request.getParameter("password");
        if (!request.getParameter("charcode").equalsIgnoreCase(codes)) {
//            throw new SessionAuthenticationException("验证码错误!");
            try {
                authenticationFailureHandler.onAuthenticationFailure(request,response,new ImageCodeException("验证码错误!"));
            } catch (IOException e) {
                e.printStackTrace();
            } catch (ServletException e) {
                e.printStackTrace();
            }
        }
        UsernamePasswordAuthenticationToken authRequest = new UsernamePasswordAuthenticationToken(username, password);
        try {
            return this.getAuthenticationManager().authenticate(authRequest);
        }catch (Exception e){
            throw new SessionAuthenticationException("用户名或密码错误!");
        }
//        setDetails(request, authRequest);
//        return super.attemptAuthentication(request,response);
    }
}
